StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POnode.js + restify - requiring client certificate
primarykey
Id
12826711
data
AcceptedAnswerId
0
AnswerCount
1
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2012-10-10T19:17:50.023
FavoriteCount
0
LastActivityDate
2012-12-13T16:07:50.210
LastEditDate
2017-05-23T11:43:14.437
LastEditorUserId
-1
OwnerUserId
578847
ParentId
0
PostTypeId
1
Score
0
ViewCount
2864
LastEditorDisplayName
text
Body
So I'm working on a basic node app. Clients will connect to it with SSL. It seems to work fine when I just use a server certificate, but when I attempt to require a client certificate, it continues to work no matter what I throw at it. I have found questions on this site related to this, but the answers contained therein didn't seem to work for me. <a href="https://stackoverflow.com/questions/10142431/my-node-js-https-client-always-works-regardless-of-certificate-validity?rq=1" title="Here's one.">Here's one.</a> Here's relevant code: <pre><code>var restify=require('restify'); var fs=require('fs'); var server=restify.createServer({ certificate: fs.readFileSync('../certs/server.crt'), key: fs.readFileSync('../certs/server.key'), ca: fs.readFileSync('../certs/ca.crt'), requestCert: true, rejectUnauthorized: true, }); ... server.listen(8080, function() { console.log('servers up...'); }); </code></pre> I'm using curl to test connections, and pretty much anything that comes in causes the request object to be logged to console. The various curl command lines I've used are: <pre><code>curl -k https://localhost:8080/hello curl -k -E user.combined:password https://localhost:8080/hello </code></pre> I'm using -k because the certificates were generated locally and curl wants to validate them. (could this be the problem??) So, no matter what I send to the node instance, I get the output I'd expect if the user was using the proper certificate (as they are in the second curl command line above). Logged in the console, I see this: <pre><code>req = { socket: { pair: _secureEstablished: true, _isServer: true, ... _rejectUnauthorized: false, _requestCert: false, (further down) authorized: false </code></pre> Obviously, there's something going on here that I'm not fully up to speed on. What could it be? == UPDATE == using -v with curl gets me some additional information, including this in the curl output: <pre><code>* About to connect() to localhost port 8080 (#0) * Trying 127.0.0.1... connected * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs </code></pre> As noted above, my ca.crt file is in the (relative) directory ../certs Thank you.
Tags
<node.js><https><certificate><restify>
Title
node.js + restify - requiring client certificate
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USCommunity
UserOwnerUserId
1. USChris
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.